urlscan.io logo urlscan.io
SecurityTrails logo

www.sunnet.sunlife.com Open in urlscan Pro
104.111.243.51  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.sunlife.ca/ma//r/?id=h151c9275%2C3cbbfbf%2C2bd0ba5&s=BiCrCZhKBW7R1lIdD4eCMJZrvGIQAnQOe-f0T7a2zL4=
Effective URL: https://www.sunnet.sunlife.com/redirector.html?TYPE=33554432&REALMOID=06-7dbcf0bc-4a50-1000-abba-8344b012304d&GUID=&SMAUTHREASO...
Submission: On April 14 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 104.111.243.51, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.sunnet.sunlife.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 30th 2020. Valid for: a year.
This is the only time www.sunnet.sunlife.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.109.58.183 16625 (AKAMAI-AS)
3 8 104.111.243.51 16625 (AKAMAI-AS)
7 104.111.218.140 16625 (AKAMAI-AS)
12 2
Apex Domain
Subdomains		 Transfer
8 sunlife.com
www.sunnet.sunlife.com
62 KB
8 sunlife.ca
www.sunlife.ca
secure.sunlife.ca
21 KB
12 2
Domain Requested by
8 www.sunnet.sunlife.com 3 redirects www.sunnet.sunlife.com
7 secure.sunlife.ca www.sunnet.sunlife.com
1 www.sunlife.ca 1 redirects
12 3

This site contains no links.

Subject Issuer Validity Valid
www.sunnet.sunlife.com
DigiCert SHA2 Extended Validation Server CA		 2020-06-30 -
2021-09-18		 a year crt.sh
www.sunlife.ca
DigiCert SHA2 Extended Validation Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.sunnet.sunlife.com/redirector.html?TYPE=33554432&REALMOID=06-7dbcf0bc-4a50-1000-abba-8344b012304d&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-vnzZipTlYFhTbdvwtRD%2bFfcstaT019Aed3AC0x2Ioco%2fHG0NGrSJQ5u9pG29W7sL&TARGET=-SM-HTTPS%3a%2f%2fwww%2esunnet%2esunlife%2ecom%2fmbrportal%2freq%2fsecure%2fpphp%2fpersonalizedWelcome%3flocale%3den_CA
Frame ID: CF79F94C7A176492D75D4F5E90D38EAA
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.sunlife.ca/ma//r/?id=h151c9275%2C3cbbfbf%2C2bd0ba5&s=BiCrCZhKBW7R1lIdD4eCMJZrvGIQAnQOe-... HTTP 302
    https://www.sunnet.sunlife.com/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH HTTP 302
    https://www.sunnet.sunlife.com/bcheck.html?redir=/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH Page URL
  2. https://www.sunnet.sunlife.com/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH HTTP 302
    https://www.sunnet.sunlife.com/mbrportal/req/secure/pphp/personalizedWelcome?locale=en_CA HTTP 302
    https://www.sunnet.sunlife.com/redirector.html?TYPE=33554432&REALMOID=06-7dbcf0bc-4a50-1000-abba-8344b01230... Page URL

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

55 kB
Transfer

134 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.sunlife.ca/ma//r/?id=h151c9275%2C3cbbfbf%2C2bd0ba5&s=BiCrCZhKBW7R1lIdD4eCMJZrvGIQAnQOe-f0T7a2zL4= HTTP 302
    https://www.sunnet.sunlife.com/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH HTTP 302
    https://www.sunnet.sunlife.com/bcheck.html?redir=/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH Page URL
  2. https://www.sunnet.sunlife.com/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH HTTP 302
    https://www.sunnet.sunlife.com/mbrportal/req/secure/pphp/personalizedWelcome?locale=en_CA HTTP 302
    https://www.sunnet.sunlife.com/redirector.html?TYPE=33554432&REALMOID=06-7dbcf0bc-4a50-1000-abba-8344b012304d&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-vnzZipTlYFhTbdvwtRD%2bFfcstaT019Aed3AC0x2Ioco%2fHG0NGrSJQ5u9pG29W7sL&TARGET=-SM-HTTPS%3a%2f%2fwww%2esunnet%2esunlife%2ecom%2fmbrportal%2freq%2fsecure%2fpphp%2fpersonalizedWelcome%3flocale%3den_CA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.sunlife.ca/ma//r/?id=h151c9275%2C3cbbfbf%2C2bd0ba5&s=BiCrCZhKBW7R1lIdD4eCMJZrvGIQAnQOe-f0T7a2zL4= HTTP 302
  • https://www.sunnet.sunlife.com/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH HTTP 302
  • https://www.sunnet.sunlife.com/bcheck.html?redir=/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set bcheck.html
www.sunnet.sunlife.com/
Redirect Chain
  • https://www.sunlife.ca/ma//r/?id=h151c9275%2C3cbbfbf%2C2bd0ba5&s=BiCrCZhKBW7R1lIdD4eCMJZrvGIQAnQOe-f0T7a2zL4=
  • https://www.sunnet.sunlife.com/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH
  • https://www.sunnet.sunlife.com/bcheck.html?redir=/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH
8 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sunnet.sunlife.com/bcheck.html?redir=/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.243.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c1bce2e6596c5a2c303f7d5764d3b1507356fba885ee800e1573a526e75c4072
Security Headers
Name Value
Content-Security-Policy font-src 'self' https://www.sunlife.ca https://ssl.gstatic.com https://www.clarica.com https://secure.sunlife.ca https://gateway.zscalerthree.net https://www.google.me *.ca.sunlife *.sunlife.ca *.sunlife.com chrome-extension http://*.sunlife.ca http://fonts.gstatic.com http://themes.googleusercontent.com https://*.sunlife.com https://*.vidyard.com https://api.couponmate.com https://at.alicdn.com https://cdn.adskeeper.co.uk https://cdn.getspeechify.com https://cdn.honey.io https://cdnjs.cloudflare.com https://cloud.typenetwork.com https://connect.facebook.net https://fonts.gstatic.com https://github.com https://maxcdn.bootstrapcdn.com https://netdna.bootstrapcdn.com https://sapling.ai https://static.revechat.com https://static3.avast.com https://use.fontawesome.com https://use.typekit.net https://webfonts.zohostatic.com https://www.clearplay.com https://www.gstatic.com https://www.slant.co ms-appx-web:// ms-appx-web://microsoft.microsoftedge https://cdn.joinhoney.com https://cdn.scite.ai data:; report-uri https://www.sunlife.ca/slfreporting/reportUri/; default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: about:; report-uri https://www.sunlife.ca/slfreporting/reportUri/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.sunnet.sunlife.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bcs=redir=/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH&domain=.sunlife.com&sessioncookies=yes&browser=Mozilla&uaextra=Windows NT 10.0&bversion=5.0&bplatform=Windows NT 10.0&msiecheck= Win64&bextra= AppleWebKit/537.36 (KHTML&ssl=true; bcp=checked; ak_bmsc=F145F07E668AD2655BD3885E1FD480710210BB752B22000041097760357C6F61~plTwEcV/tfbX7LF/b/jWfpik7fyejTY4zXg2w/6FvtV6jjWLt8CVpJLY0DamS5KZrYKbvMWqCqKGBpjEDNPPUUzdmR5JHn88ScPw3vaZ/O+RYEn3jYEcLjs3pnowS/+bBCKRTz1zLBi7k73L1ojl3ZOkU5pA9s0bpVqwGU2E7hP2NkG6nL0TrkGuwqY5xuktZc5LHZZBY5WHICCVoj/qzb2F5NVfi2IZEX20XCiI6hWL3sUY8KvsODjKj8SMkYGsdw; bm_sz=08CD0E13C42E17736BCD96DD0E3C03B0~YAAQdbsQAs4c4s14AQAAgij80AvIrg8i0QMA9bp2yrQcIh0I9O+/XXGWGE66hBvw8pgs0/ohJBgoooyVkyak9IfV/K/iEiWPdv8498ue/x8ePJGBLrPCnBl4fYIqOtJPVwvFGzMZVs/n82orjsE4ATFSBngWogN9tKnjTDVtUPO7X49Lqj8lq1guuJnU4iNYmg==; _abck=D7815A939CC52455DBE04E216C178357~-1~YAAQdbsQAs8c4s14AQAAgij80AXXdfxzHYvNYdjpeU8ESlR5aiBVF9m6XndhU2EHea6GweIYq34zQ49/V/RNhTrDaIS7UdFn1LpBv/OneR0kqoyHeZoPBW+iac1hCEawpw+ZrcJQTmEnjisRTj9BU7ukiogQRzMBsF4J+aijJKe/BZwauZnuw+M19hhZsNZKAC24iLfchp4gd2wa9gf0ZdP5ABTUSwSzrkl32dJmVJ/RpwJGKVIJD+ulFvlJfhWPk36nTEBXI7SjnXDnkCddAeJWFyfgBrBmmVTk/2Rm9/EBh4G2d0XRX6q2uCNrNf4cxZAnboC21Y3Gfoyu/1XNCsqH0s/w3GRkZTyq55rQziy6Uxirq1XZSrSx3ki2~-1~-1~-1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy-Report-Only
img-src 'self' sunlife.ca sunlife.com ca.sunlife sunlifecorp.com *.sunlife.ca *.sunlife.com *.ca.sunlife *.sunlifecorp.com http://cdn.sunlife.com http://www.sunlife.ca https://ws1.postescanada-canadapost.ca https://login.windows.net https://secure.sunlife.ca https://cdn.gingersoftware.com https://outlook.live.com https://px.ads.linkedin.com https://googleads.g.doubleclick.net https://www.google.co.in https://cdn.exchqzdata.com https://blinkjork.com https://login.microsoftonline.com https://connect.facebook.net https://fonts.googleapis.com https://www.sunlife.ca http://prod-web.ca.sunlife http://alert.scansafe.net http://contentinternal.ca.sunlife https://www.shareresults.com https://*.googleusercontent.com https://www.google.lu https://*.kaspersky-labs.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.sc.pages01.net https://trableflick.com https://www.google.kz https://cp.internal.cihr.ca https://www.pages01.net https://www.linkedin.com https://www.googleapis.com https://www.google-analytics.com https://www.googleadservices.com https://www.google.es https://www.google.com.ua https://www.google.ca https://www.google.ae https://www.flipkart.com https://www.facebook.com https://www.desideriosoldi.com https://webui.dashlane.com https://websafetycheck.com https://visualsponline.azurewebsites.net https://vildlonger.com https://utp.ucweb.com https://use.fontawesome.com https://ucads-cdn.ucweb.com https://ttnorsg1.travp.net https://ssl.google-analytics.com https://siteintercept.qualtrics.com https://session.socialware.com https://service.nservices.space https://self.adblockultimate.net https://nikkomsgchannel https://maps.gstatic.com https://linkojager.org https://www.gstatic.com https://lh3.googleusercontent.com https://jaretsummer.com https://gjtrack.ucweb.com https://gateway.zscaler.net https://fp166.digitaloptout.com https://dc.services.visualstudio.com https://cosmeticsrc.com https://content.atomz.com *.opendns.com https://code.jquery.com https://cm.everesttech.net https://clients1.google.com https://cdn.sunlife.com https://clicksapp.net https://cdn-js.net https://canvasdp-a.akamaihd.net https://ca1.qualtrics.com https://bloomkloud.net https://www.sunlifeglobalinvestments.com https://bat.bing.com https://autroliner.com https://api.trongrid.io https://ajax.aspnetcdn.com https://adblockers.opera-mini.net https://acestream.me https://0d7byjich94-a.akamaihd.net https://*.akamaihd.net https://*.vidyard.com https://*.sunlife.com https://*.linkedin.com https://*.google.com https://*.clarica.com https://*.akamaihd.net http://www.sunnet.sunlife.com http://www.sunlifeglobalinvestments.com http://www.sunlife.com http://www.sunlife.ca http://netdna.bootstrapcdn.com http://fonts.gstatic.com http://cm.everesttech.net http://cdn.sunlife.com gsa://onpageload *.sunlife.ca *.siteintercept.qualtrics.com *.qualtrics.com *.googleapis.com *.demdex.net *.ca.sunlife blob: data:; report-uri https://www.sunlife.ca/slfreporting/reportUri/; connect-src 'self' sunlife.ca sunlife.com ca.sunlife sunlifecorp.com *.sunlife.ca *.sunlife.com *.ca.sunlife *.sunlifecorp.com https://tags.srv.stackadapt.com https://dc.services.visualstudio.com http://www.sunlife.ca https://ajax.googleapis.com wss://www.sunnet.sunlife.com https://cdncache-a.akamaihd.net https://www.google-analytics.com https://www.gstatic.com https://ssl.google-analytics.com https://www.clarica.com https://mars.sslproviders.net https://translate.googleapis.com https://*.akamaihd.net https://protectsurf-a.akamaihd.net https://videoram.com https://www.facebook.com https://www.bing.com https://www.sunlife.ca https://*.sunlife.com https://bat.bing.com https://*.google.com *.demdex.net *.qualtrics.com https://sunlifeassurance.tt.omtrdc.net *.sunlife.ca https://dxc.dxi-na2.cloud.ca.com https://dxc.dxi-na1.saas.broadcom.com https://smetrics.sunlifeglobalinvestments.com https://my.tealiumiq.com javascript: about: data: blob: ; report-uri https://www.sunlife.ca/slfreporting/reportUri/; frame-src 'self' https://www.gorendezvous.com https://ucads-cdn.ucweb.com https://itsresultshub-a.akamaihd.net https://cdncache-a.akamaihd.net https://secure.mycouponsmartmac.com https://secure.mac.com https://uat-www.ca.sunlife https://sit-www.sunnet.sunlife.com ms-appx-web://microsoft.microsoftedge https://code.jquery.com https://www.youtube.com https://www.sunnet.sunlife.com https://www.pages03.net https://www.facebook.com https://www.chasepaymentechhostedpay-var.com https://www.chasepaymentechhostedpay.com https://tpc.googlesyndication.com https://support.sunnet.sunlife.com https://sunlifeassurance.demdex.net https://sunlife.morningstar.ca https://sunlife.ca1.qualtrics.com https://pwm-image.trendmicro.com https://play.vidyard.com https://nlsdt.com https://mozbar.moz.com https://lt.morningstar.com https://login.zscalertwo.net https://gateway.zscloud.net https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscaler.net https://connect.facebook.net https://block.techloq.com https://apps.e-signlive.ca https://*.vidyard.com https://*.clarica.com http://www.facebook.com *.sunlife.ca *.doubleclick.net *.demdex.net; report-uri https://www.sunlife.ca/slfreporting/reportUri/; style-src 'self' 'unsafe-inline' http://www.sunlife.ca https://tags.srv.stackadapt.com https://maxcdn.bootstrapcdn.com https://use.fontawesome.com https://fast.fonts.net http://netdna.bootstrapcdn.com https://www.sunlife.ca http://contentinternal.ca.sunlife https://code.jquery.com https://translate.googleapis.com http://cdn.sunlife.com http://www.sunlife.com https://*.sunlife.com *.ca.sunlife *.sunlife.ca https://*.google.com *.gstatic.com *.googleapis.com; report-uri https://www.sunlife.ca/slfreporting/reportUri/; style-src-elem 'self' 'unsafe-inline' https://ws1.postescanada-canadapost.ca http://cdn.sunlife.com https://gateway.zscloud.net http://cloud.typenetwork.com https://www.clarica.com http://netdna.bootstrapcdn.com http://contentinternal.ca.sunlife https://maxcdn.bootstrapcdn.com http://www.sunlife.ca https://code.jquery.com https://www.gstatic.com https://translate.googleapis.com http://www.sunlife.com https://*.sunlife.com *.ca.sunlife *.sunlife.ca *.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://*.google.com https://fast.fonts.net https://fonts.googleapis.com blob: ; report-uri https://www.sunlife.ca/slfreporting/reportUri/;
Content-Security-Policy
font-src 'self' https://www.sunlife.ca https://ssl.gstatic.com https://www.clarica.com https://secure.sunlife.ca https://gateway.zscalerthree.net https://www.google.me *.ca.sunlife *.sunlife.ca *.sunlife.com chrome-extension http://*.sunlife.ca http://fonts.gstatic.com http://themes.googleusercontent.com https://*.sunlife.com https://*.vidyard.com https://api.couponmate.com https://at.alicdn.com https://cdn.adskeeper.co.uk https://cdn.getspeechify.com https://cdn.honey.io https://cdnjs.cloudflare.com https://cloud.typenetwork.com https://connect.facebook.net https://fonts.gstatic.com https://github.com https://maxcdn.bootstrapcdn.com https://netdna.bootstrapcdn.com https://sapling.ai https://static.revechat.com https://static3.avast.com https://use.fontawesome.com https://use.typekit.net https://webfonts.zohostatic.com https://www.clearplay.com https://www.gstatic.com https://www.slant.co ms-appx-web:// ms-appx-web://microsoft.microsoftedge https://cdn.joinhoney.com https://cdn.scite.ai data:; report-uri https://www.sunlife.ca/slfreporting/reportUri/; default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: about:; report-uri https://www.sunlife.ca/slfreporting/reportUri/;
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Frame-Options
SAMEORIGIN
Last-Modified
Thu, 01 Jan 1970 04:47:04 GMT
ETag
"c177-1ee9-402a16200"
Accept-Ranges
bytes
X-UA-Compatible
IE=EmulateIE7
Content-Type
text/html
X-Akamai-Transformed
9 7913 0 pmb=mTOE,1
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Wed, 14 Apr 2021 15:24:49 GMT
Content-Length
2530
Connection
keep-alive
Set-Cookie
bm_sv=CED1E183EE0F648D9ACDCC06D1FE7676~KaA9KTrs9jcUUqlJDC0urbGv2hGGk0EbUuLr9jpcGkzMhBl+Ot1U1H/nOddSRTlSNaThFyBVug7BxB3funVHMAJ9dp8l+3hh28KML/lPbCvkNJ0mFeYwSvIJMkjvt2YJXKQIueKnTmznqBphSMQ2BSCGXV495S8B1vkhn7Acd1w=; Domain=.sunnet.sunlife.com; Path=/; Max-Age=7200; HttpOnly

Redirect headers

Content-Security-Policy-Report-Only
img-src 'self' sunlife.ca sunlife.com ca.sunlife sunlifecorp.com *.sunlife.ca *.sunlife.com *.ca.sunlife *.sunlifecorp.com http://cdn.sunlife.com http://www.sunlife.ca https://ws1.postescanada-canadapost.ca https://login.windows.net https://secure.sunlife.ca https://cdn.gingersoftware.com https://outlook.live.com https://px.ads.linkedin.com https://googleads.g.doubleclick.net https://www.google.co.in https://cdn.exchqzdata.com https://blinkjork.com https://login.microsoftonline.com https://connect.facebook.net https://fonts.googleapis.com https://www.sunlife.ca http://prod-web.ca.sunlife http://alert.scansafe.net http://contentinternal.ca.sunlife https://www.shareresults.com https://*.googleusercontent.com https://www.google.lu https://*.kaspersky-labs.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.sc.pages01.net https://trableflick.com https://www.google.kz https://cp.internal.cihr.ca https://www.pages01.net https://www.linkedin.com https://www.googleapis.com https://www.google-analytics.com https://www.googleadservices.com https://www.google.es https://www.google.com.ua https://www.google.ca https://www.google.ae https://www.flipkart.com https://www.facebook.com https://www.desideriosoldi.com https://webui.dashlane.com https://websafetycheck.com https://visualsponline.azurewebsites.net https://vildlonger.com https://utp.ucweb.com https://use.fontawesome.com https://ucads-cdn.ucweb.com https://ttnorsg1.travp.net https://ssl.google-analytics.com https://siteintercept.qualtrics.com https://session.socialware.com https://service.nservices.space https://self.adblockultimate.net https://nikkomsgchannel https://maps.gstatic.com https://linkojager.org https://www.gstatic.com https://lh3.googleusercontent.com https://jaretsummer.com https://gjtrack.ucweb.com https://gateway.zscaler.net https://fp166.digitaloptout.com https://dc.services.visualstudio.com https://cosmeticsrc.com https://content.atomz.com *.opendns.com https://code.jquery.com https://cm.everesttech.net https://clients1.google.com https://cdn.sunlife.com https://clicksapp.net https://cdn-js.net https://canvasdp-a.akamaihd.net https://ca1.qualtrics.com https://bloomkloud.net https://www.sunlifeglobalinvestments.com https://bat.bing.com https://autroliner.com https://api.trongrid.io https://ajax.aspnetcdn.com https://adblockers.opera-mini.net https://acestream.me https://0d7byjich94-a.akamaihd.net https://*.akamaihd.net https://*.vidyard.com https://*.sunlife.com https://*.linkedin.com https://*.google.com https://*.clarica.com https://*.akamaihd.net http://www.sunnet.sunlife.com http://www.sunlifeglobalinvestments.com http://www.sunlife.com http://www.sunlife.ca http://netdna.bootstrapcdn.com http://fonts.gstatic.com http://cm.everesttech.net http://cdn.sunlife.com gsa://onpageload *.sunlife.ca *.siteintercept.qualtrics.com *.qualtrics.com *.googleapis.com *.demdex.net *.ca.sunlife blob: data:; report-uri https://www.sunlife.ca/slfreporting/reportUri/; connect-src 'self' sunlife.ca sunlife.com ca.sunlife sunlifecorp.com *.sunlife.ca *.sunlife.com *.ca.sunlife *.sunlifecorp.com https://tags.srv.stackadapt.com https://dc.services.visualstudio.com http://www.sunlife.ca https://ajax.googleapis.com wss://www.sunnet.sunlife.com https://cdncache-a.akamaihd.net https://www.google-analytics.com https://www.gstatic.com https://ssl.google-analytics.com https://www.clarica.com https://mars.sslproviders.net https://translate.googleapis.com https://*.akamaihd.net https://protectsurf-a.akamaihd.net https://videoram.com https://www.facebook.com https://www.bing.com https://www.sunlife.ca https://*.sunlife.com https://bat.bing.com https://*.google.com *.demdex.net *.qualtrics.com https://sunlifeassurance.tt.omtrdc.net *.sunlife.ca https://dxc.dxi-na2.cloud.ca.com https://dxc.dxi-na1.saas.broadcom.com https://smetrics.sunlifeglobalinvestments.com https://my.tealiumiq.com javascript: about: data: blob: ; report-uri https://www.sunlife.ca/slfreporting/reportUri/; frame-src 'self' https://www.gorendezvous.com https://ucads-cdn.ucweb.com https://itsresultshub-a.akamaihd.net https://cdncache-a.akamaihd.net https://secure.mycouponsmartmac.com https://secure.mac.com https://uat-www.ca.sunlife https://sit-www.sunnet.sunlife.com ms-appx-web://microsoft.microsoftedge https://code.jquery.com https://www.youtube.com https://www.sunnet.sunlife.com https://www.pages03.net https://www.facebook.com https://www.chasepaymentechhostedpay-var.com https://www.chasepaymentechhostedpay.com https://tpc.googlesyndication.com https://support.sunnet.sunlife.com https://sunlifeassurance.demdex.net https://sunlife.morningstar.ca https://sunlife.ca1.qualtrics.com https://pwm-image.trendmicro.com https://play.vidyard.com https://nlsdt.com https://mozbar.moz.com https://lt.morningstar.com https://login.zscalertwo.net https://gateway.zscloud.net https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscaler.net https://connect.facebook.net https://block.techloq.com https://apps.e-signlive.ca https://*.vidyard.com https://*.clarica.com http://www.facebook.com *.sunlife.ca *.doubleclick.net *.demdex.net; report-uri https://www.sunlife.ca/slfreporting/reportUri/; style-src 'self' 'unsafe-inline' http://www.sunlife.ca https://tags.srv.stackadapt.com https://maxcdn.bootstrapcdn.com https://use.fontawesome.com https://fast.fonts.net http://netdna.bootstrapcdn.com https://www.sunlife.ca http://contentinternal.ca.sunlife https://code.jquery.com https://translate.googleapis.com http://cdn.sunlife.com http://www.sunlife.com https://*.sunlife.com *.ca.sunlife *.sunlife.ca https://*.google.com *.gstatic.com *.googleapis.com; report-uri https://www.sunlife.ca/slfreporting/reportUri/; style-src-elem 'self' 'unsafe-inline' https://ws1.postescanada-canadapost.ca http://cdn.sunlife.com https://gateway.zscloud.net http://cloud.typenetwork.com https://www.clarica.com http://netdna.bootstrapcdn.com http://contentinternal.ca.sunlife https://maxcdn.bootstrapcdn.com http://www.sunlife.ca https://code.jquery.com https://www.gstatic.com https://translate.googleapis.com http://www.sunlife.com https://*.sunlife.com *.ca.sunlife *.sunlife.ca *.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://*.google.com https://fast.fonts.net https://fonts.googleapis.com blob: ; report-uri https://www.sunlife.ca/slfreporting/reportUri/;
Content-Security-Policy
font-src 'self' https://www.sunlife.ca https://ssl.gstatic.com https://www.clarica.com https://secure.sunlife.ca https://gateway.zscalerthree.net https://www.google.me *.ca.sunlife *.sunlife.ca *.sunlife.com chrome-extension http://*.sunlife.ca http://fonts.gstatic.com http://themes.googleusercontent.com https://*.sunlife.com https://*.vidyard.com https://api.couponmate.com https://at.alicdn.com https://cdn.adskeeper.co.uk https://cdn.getspeechify.com https://cdn.honey.io https://cdnjs.cloudflare.com https://cloud.typenetwork.com https://connect.facebook.net https://fonts.gstatic.com https://github.com https://maxcdn.bootstrapcdn.com https://netdna.bootstrapcdn.com https://sapling.ai https://static.revechat.com https://static3.avast.com https://use.fontawesome.com https://use.typekit.net https://webfonts.zohostatic.com https://www.clearplay.com https://www.gstatic.com https://www.slant.co ms-appx-web:// ms-appx-web://microsoft.microsoftedge https://cdn.joinhoney.com https://cdn.scite.ai data:; report-uri https://www.sunlife.ca/slfreporting/reportUri/; default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: about:; report-uri https://www.sunlife.ca/slfreporting/reportUri/;
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Frame-Options
SAMEORIGIN
Location
https://www.sunnet.sunlife.com/bcheck.html?redir=/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH
Content-Length
294
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 14 Apr 2021 15:24:49 GMT
Connection
keep-alive
Set-Cookie
bcs=redir=/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH&domain=.sunlife.com&sessioncookies=yes&browser=Mozilla&uaextra=Windows NT 10.0&bversion=5.0&bplatform=Windows NT 10.0&msiecheck= Win64&bextra= AppleWebKit/537.36 (KHTML&ssl=true; path=/; domain=.sunlife.com bcp=checked; path=/; domain=.sunlife.com; expires=Sat, 17-Apr-2021 15:24:49 GMT ak_bmsc=F145F07E668AD2655BD3885E1FD480710210BB752B22000041097760357C6F61~plTwEcV/tfbX7LF/b/jWfpik7fyejTY4zXg2w/6FvtV6jjWLt8CVpJLY0DamS5KZrYKbvMWqCqKGBpjEDNPPUUzdmR5JHn88ScPw3vaZ/O+RYEn3jYEcLjs3pnowS/+bBCKRTz1zLBi7k73L1ojl3ZOkU5pA9s0bpVqwGU2E7hP2NkG6nL0TrkGuwqY5xuktZc5LHZZBY5WHICCVoj/qzb2F5NVfi2IZEX20XCiI6hWL3sUY8KvsODjKj8SMkYGsdw; expires=Wed, 14 Apr 2021 17:24:49 GMT; max-age=7200; path=/; domain=.sunnet.sunlife.com; HttpOnly bm_sz=08CD0E13C42E17736BCD96DD0E3C03B0~YAAQdbsQAs4c4s14AQAAgij80AvIrg8i0QMA9bp2yrQcIh0I9O+/XXGWGE66hBvw8pgs0/ohJBgoooyVkyak9IfV/K/iEiWPdv8498ue/x8ePJGBLrPCnBl4fYIqOtJPVwvFGzMZVs/n82orjsE4ATFSBngWogN9tKnjTDVtUPO7X49Lqj8lq1guuJnU4iNYmg==; Domain=.sunlife.com; Path=/; Expires=Wed, 14 Apr 2021 19:24:49 GMT; Max-Age=14400; HttpOnly _abck=D7815A939CC52455DBE04E216C178357~-1~YAAQdbsQAs8c4s14AQAAgij80AXXdfxzHYvNYdjpeU8ESlR5aiBVF9m6XndhU2EHea6GweIYq34zQ49/V/RNhTrDaIS7UdFn1LpBv/OneR0kqoyHeZoPBW+iac1hCEawpw+ZrcJQTmEnjisRTj9BU7ukiogQRzMBsF4J+aijJKe/BZwauZnuw+M19hhZsNZKAC24iLfchp4gd2wa9gf0ZdP5ABTUSwSzrkl32dJmVJ/RpwJGKVIJD+ulFvlJfhWPk36nTEBXI7SjnXDnkCddAeJWFyfgBrBmmVTk/2Rm9/EBh4G2d0XRX6q2uCNrNf4cxZAnboC21Y3Gfoyu/1XNCsqH0s/w3GRkZTyq55rQziy6Uxirq1XZSrSx3ki2~-1~-1~-1; Domain=.sunlife.com; Path=/; Expires=Thu, 14 Apr 2022 15:24:49 GMT; Max-Age=31536000; Secure
3cdf94343no22177e2545873cb64b0d
www.sunnet.sunlife.com/clientlibs/ 		73 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sunnet.sunlife.com/clientlibs/3cdf94343no22177e2545873cb64b0d
Requested by
Host: www.sunnet.sunlife.com
URL: https://www.sunnet.sunlife.com/bcheck.html?redir=/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.243.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1d7647710fb2bc7cf162729f1ab695dbdbb4d3d38a219e7bb7da6f06030bd7b7

Request headers

Referer
https://www.sunnet.sunlife.com/bcheck.html?redir=/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 15:24:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Feb 2021 22:20:44 GMT
ETag
"77ab0fb0bef6d3471b849a9e26e339e68a4c60a0a2f5d2cf6ab40c38bc1b0875"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=21600
Connection
keep-alive
Content-Length
18915
3cdf94343no22177e2545873cb64b0d
www.sunnet.sunlife.com/clientlibs/ 		17 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sunnet.sunlife.com/clientlibs/3cdf94343no22177e2545873cb64b0d
Requested by
Host: www.sunnet.sunlife.com
URL: https://www.sunnet.sunlife.com/clientlibs/3cdf94343no22177e2545873cb64b0d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.243.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://www.sunnet.sunlife.com/bcheck.html?redir=/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 14 Apr 2021 15:24:50 GMT
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sunnet.sunlife.com, https://www.sunnet.sunlife.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
17
Primary Request Cookie set redirector.html
www.sunnet.sunlife.com/
Redirect Chain
  • https://www.sunnet.sunlife.com/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH?
  • https://www.sunnet.sunlife.com/mbrportal/req/secure/pphp/personalizedWelcome?locale=en_CA
  • https://www.sunnet.sunlife.com/redirector.html?TYPE=33554432&REALMOID=06-7dbcf0bc-4a50-1000-abba-8344b012304d&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-vnzZipTlYFhTbdvwtRD%2bFfcstaT019Aed3AC0...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sunnet.sunlife.com/redirector.html?TYPE=33554432&REALMOID=06-7dbcf0bc-4a50-1000-abba-8344b012304d&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-vnzZipTlYFhTbdvwtRD%2bFfcstaT019Aed3AC0x2Ioco%2fHG0NGrSJQ5u9pG29W7sL&TARGET=-SM-HTTPS%3a%2f%2fwww%2esunnet%2esunlife%2ecom%2fmbrportal%2freq%2fsecure%2fpphp%2fpersonalizedWelcome%3flocale%3den_CA
Requested by
Host: www.sunnet.sunlife.com
URL: https://www.sunnet.sunlife.com/bcheck.html?redir=/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.243.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
31ccee8df5ebef269d0c268ce86b95406a99d7a506382b4bf111eeafe7341963
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.sunnet.sunlife.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://www.sunnet.sunlife.com/bcheck.html?redir=/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bcp=checked; ak_bmsc=F145F07E668AD2655BD3885E1FD480710210BB752B22000041097760357C6F61~plTwEcV/tfbX7LF/b/jWfpik7fyejTY4zXg2w/6FvtV6jjWLt8CVpJLY0DamS5KZrYKbvMWqCqKGBpjEDNPPUUzdmR5JHn88ScPw3vaZ/O+RYEn3jYEcLjs3pnowS/+bBCKRTz1zLBi7k73L1ojl3ZOkU5pA9s0bpVqwGU2E7hP2NkG6nL0TrkGuwqY5xuktZc5LHZZBY5WHICCVoj/qzb2F5NVfi2IZEX20XCiI6hWL3sUY8KvsODjKj8SMkYGsdw; bm_sz=08CD0E13C42E17736BCD96DD0E3C03B0~YAAQdbsQAs4c4s14AQAAgij80AvIrg8i0QMA9bp2yrQcIh0I9O+/XXGWGE66hBvw8pgs0/ohJBgoooyVkyak9IfV/K/iEiWPdv8498ue/x8ePJGBLrPCnBl4fYIqOtJPVwvFGzMZVs/n82orjsE4ATFSBngWogN9tKnjTDVtUPO7X49Lqj8lq1guuJnU4iNYmg==; bcs=redir=/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH&domain=.sunlife.com&sessioncookies=yes&browser=Mozilla&uaextra=Windows NT 10.0&bversion=5.0&bplatform=Windows NT 10.0&msiecheck= Win64&bextra= AppleWebKit/537.36 (KHTML&ssl=true&browRes=1600 x 1200&OS=WinNT&tzone=6&date=4/14/2021%2C%205%3A24%3A50%20PM&browserId=SAFARI&browserVersionId=537&browserVersMaj=537&browserVersMin=undefined&screenRes=1600 x 1200&colorDepth=24&js=yes&permcookies=yes; _abck=D7815A939CC52455DBE04E216C178357~0~YAAQdbsQAtEc4s14AQAAHiv80AWoGrSFXngkeEGQXBZsqHNaDMQWmDOcGA6NYci+CZam3tFPqlA31VKD+8j1btP5IJVRwEv3zB+UKI8l5t5bXBoWO8rJnDbMWu8DezpoEwpPJgchtwZ3bABpQDaSvFKhyLe9U4bsHbIjI3RYVKGfRdF/Y7Spi/WWGel8XhajK9wp7tAqZ/9BzwEi+TLIFN1RqQ8i5Lp2d6y1zonIyo872q+MaugUAjNtLDJWiAl1+Y9e9gfvox9JVBB3XJbpH1qJ5ZvT1uKJCZb0l+WTpZrFYacaF0+xxx2I1/smcC6k1LNy0Aez3g4Utr5A7jEiUKXOpbZuboU0hGT7pBBzstBO8dis3MvPg9+0jwTX0mKiW32sEZCbIMA83e/aV3TmcwXapexOs+D5EA==~-1~||1-txyUchPQam-1-10-1000-2||~-1; deeplink=LINK=PPHP_GBC&FC=PROVIDER_SEARCH; bm_sv=CED1E183EE0F648D9ACDCC06D1FE7676~KaA9KTrs9jcUUqlJDC0urbGv2hGGk0EbUuLr9jpcGkzMhBl+Ot1U1H/nOddSRTlSNaThFyBVug7BxB3funVHMAJ9dp8l+3hh28KML/lPbCvkNJ0mFeYwSvIJMkjvt2YJM4/GSdrrnxSjnTmOQZxyNiOpHITfVT426D+6RVwGIKg=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sunnet.sunlife.com/bcheck.html?redir=/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH

Response headers

X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Frame-Options
SAMEORIGIN
Last-Modified
Mon, 26 Oct 2015 13:23:10 GMT
ETag
"cb06-8d7-52301dcce4b80"
Accept-Ranges
bytes
Content-Length
2263
X-UA-Compatible
IE=EmulateIE7
Content-Type
text/html
Date
Wed, 14 Apr 2021 15:24:50 GMT
Connection
keep-alive
Set-Cookie
bm_sv=CED1E183EE0F648D9ACDCC06D1FE7676~KaA9KTrs9jcUUqlJDC0urbGv2hGGk0EbUuLr9jpcGkzMhBl+Ot1U1H/nOddSRTlSNaThFyBVug7BxB3funVHMAJ9dp8l+3hh28KML/lPbCvkNJ0mFeYwSvIJMkjvt2YJkVMG0/SgjBjnoceJfcBsAeJelmIyWWMVtj5Lwc4KoYg=; Domain=.sunnet.sunlife.com; Path=/; Max-Age=7199; HttpOnly

Redirect headers

Content-Security-Policy-Report-Only
img-src 'self' sunlife.ca sunlife.com ca.sunlife sunlifecorp.com *.sunlife.ca *.sunlife.com *.ca.sunlife *.sunlifecorp.com http://cdn.sunlife.com http://www.sunlife.ca https://ws1.postescanada-canadapost.ca https://login.windows.net https://secure.sunlife.ca https://cdn.gingersoftware.com https://outlook.live.com https://px.ads.linkedin.com https://googleads.g.doubleclick.net https://www.google.co.in https://cdn.exchqzdata.com https://blinkjork.com https://login.microsoftonline.com https://connect.facebook.net https://fonts.googleapis.com https://www.sunlife.ca http://prod-web.ca.sunlife http://alert.scansafe.net http://contentinternal.ca.sunlife https://www.shareresults.com https://*.googleusercontent.com https://www.google.lu https://*.kaspersky-labs.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.sc.pages01.net https://trableflick.com https://www.google.kz https://cp.internal.cihr.ca https://www.pages01.net https://www.linkedin.com https://www.googleapis.com https://www.google-analytics.com https://www.googleadservices.com https://www.google.es https://www.google.com.ua https://www.google.ca https://www.google.ae https://www.flipkart.com https://www.facebook.com https://www.desideriosoldi.com https://webui.dashlane.com https://websafetycheck.com https://visualsponline.azurewebsites.net https://vildlonger.com https://utp.ucweb.com https://use.fontawesome.com https://ucads-cdn.ucweb.com https://ttnorsg1.travp.net https://ssl.google-analytics.com https://siteintercept.qualtrics.com https://session.socialware.com https://service.nservices.space https://self.adblockultimate.net https://nikkomsgchannel https://maps.gstatic.com https://linkojager.org https://www.gstatic.com https://lh3.googleusercontent.com https://jaretsummer.com https://gjtrack.ucweb.com https://gateway.zscaler.net https://fp166.digitaloptout.com https://dc.services.visualstudio.com https://cosmeticsrc.com https://content.atomz.com *.opendns.com https://code.jquery.com https://cm.everesttech.net https://clients1.google.com https://cdn.sunlife.com https://clicksapp.net https://cdn-js.net https://canvasdp-a.akamaihd.net https://ca1.qualtrics.com https://bloomkloud.net https://www.sunlifeglobalinvestments.com https://bat.bing.com https://autroliner.com https://api.trongrid.io https://ajax.aspnetcdn.com https://adblockers.opera-mini.net https://acestream.me https://0d7byjich94-a.akamaihd.net https://*.akamaihd.net https://*.vidyard.com https://*.sunlife.com https://*.linkedin.com https://*.google.com https://*.clarica.com https://*.akamaihd.net http://www.sunnet.sunlife.com http://www.sunlifeglobalinvestments.com http://www.sunlife.com http://www.sunlife.ca http://netdna.bootstrapcdn.com http://fonts.gstatic.com http://cm.everesttech.net http://cdn.sunlife.com gsa://onpageload *.sunlife.ca *.siteintercept.qualtrics.com *.qualtrics.com *.googleapis.com *.demdex.net *.ca.sunlife blob: data:; report-uri https://www.sunlife.ca/slfreporting/reportUri/; connect-src 'self' sunlife.ca sunlife.com ca.sunlife sunlifecorp.com *.sunlife.ca *.sunlife.com *.ca.sunlife *.sunlifecorp.com https://tags.srv.stackadapt.com https://dc.services.visualstudio.com http://www.sunlife.ca https://ajax.googleapis.com wss://www.sunnet.sunlife.com https://cdncache-a.akamaihd.net https://www.google-analytics.com https://www.gstatic.com https://ssl.google-analytics.com https://www.clarica.com https://mars.sslproviders.net https://translate.googleapis.com https://*.akamaihd.net https://protectsurf-a.akamaihd.net https://videoram.com https://www.facebook.com https://www.bing.com https://www.sunlife.ca https://*.sunlife.com https://bat.bing.com https://*.google.com *.demdex.net *.qualtrics.com https://sunlifeassurance.tt.omtrdc.net *.sunlife.ca https://dxc.dxi-na2.cloud.ca.com https://dxc.dxi-na1.saas.broadcom.com https://smetrics.sunlifeglobalinvestments.com https://my.tealiumiq.com javascript: about: data: blob: ; report-uri https://www.sunlife.ca/slfreporting/reportUri/; frame-src 'self' https://www.gorendezvous.com https://ucads-cdn.ucweb.com https://itsresultshub-a.akamaihd.net https://cdncache-a.akamaihd.net https://secure.mycouponsmartmac.com https://secure.mac.com https://uat-www.ca.sunlife https://sit-www.sunnet.sunlife.com ms-appx-web://microsoft.microsoftedge https://code.jquery.com https://www.youtube.com https://www.sunnet.sunlife.com https://www.pages03.net https://www.facebook.com https://www.chasepaymentechhostedpay-var.com https://www.chasepaymentechhostedpay.com https://tpc.googlesyndication.com https://support.sunnet.sunlife.com https://sunlifeassurance.demdex.net https://sunlife.morningstar.ca https://sunlife.ca1.qualtrics.com https://pwm-image.trendmicro.com https://play.vidyard.com https://nlsdt.com https://mozbar.moz.com https://lt.morningstar.com https://login.zscalertwo.net https://gateway.zscloud.net https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscaler.net https://connect.facebook.net https://block.techloq.com https://apps.e-signlive.ca https://*.vidyard.com https://*.clarica.com http://www.facebook.com *.sunlife.ca *.doubleclick.net *.demdex.net; report-uri https://www.sunlife.ca/slfreporting/reportUri/; style-src 'self' 'unsafe-inline' http://www.sunlife.ca https://tags.srv.stackadapt.com https://maxcdn.bootstrapcdn.com https://use.fontawesome.com https://fast.fonts.net http://netdna.bootstrapcdn.com https://www.sunlife.ca http://contentinternal.ca.sunlife https://code.jquery.com https://translate.googleapis.com http://cdn.sunlife.com http://www.sunlife.com https://*.sunlife.com *.ca.sunlife *.sunlife.ca https://*.google.com *.gstatic.com *.googleapis.com; report-uri https://www.sunlife.ca/slfreporting/reportUri/; style-src-elem 'self' 'unsafe-inline' https://ws1.postescanada-canadapost.ca http://cdn.sunlife.com https://gateway.zscloud.net http://cloud.typenetwork.com https://www.clarica.com http://netdna.bootstrapcdn.com http://contentinternal.ca.sunlife https://maxcdn.bootstrapcdn.com http://www.sunlife.ca https://code.jquery.com https://www.gstatic.com https://translate.googleapis.com http://www.sunlife.com https://*.sunlife.com *.ca.sunlife *.sunlife.ca *.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://*.google.com https://fast.fonts.net https://fonts.googleapis.com blob: ; report-uri https://www.sunlife.ca/slfreporting/reportUri/;
Content-Security-Policy
font-src 'self' https://www.sunlife.ca https://ssl.gstatic.com https://www.clarica.com https://secure.sunlife.ca https://gateway.zscalerthree.net https://www.google.me *.ca.sunlife *.sunlife.ca *.sunlife.com chrome-extension http://*.sunlife.ca http://fonts.gstatic.com http://themes.googleusercontent.com https://*.sunlife.com https://*.vidyard.com https://api.couponmate.com https://at.alicdn.com https://cdn.adskeeper.co.uk https://cdn.getspeechify.com https://cdn.honey.io https://cdnjs.cloudflare.com https://cloud.typenetwork.com https://connect.facebook.net https://fonts.gstatic.com https://github.com https://maxcdn.bootstrapcdn.com https://netdna.bootstrapcdn.com https://sapling.ai https://static.revechat.com https://static3.avast.com https://use.fontawesome.com https://use.typekit.net https://webfonts.zohostatic.com https://www.clearplay.com https://www.gstatic.com https://www.slant.co ms-appx-web:// ms-appx-web://microsoft.microsoftedge https://cdn.joinhoney.com https://cdn.scite.ai data:; report-uri https://www.sunlife.ca/slfreporting/reportUri/; default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: about:; report-uri https://www.sunlife.ca/slfreporting/reportUri/;
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
no-store
Location
/redirector.html?TYPE=33554432&REALMOID=06-7dbcf0bc-4a50-1000-abba-8344b012304d&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-vnzZipTlYFhTbdvwtRD%2bFfcstaT019Aed3AC0x2Ioco%2fHG0NGrSJQ5u9pG29W7sL&TARGET=-SM-HTTPS%3a%2f%2fwww%2esunnet%2esunlife%2ecom%2fmbrportal%2freq%2fsecure%2fpphp%2fpersonalizedWelcome%3flocale%3den_CA
Content-Length
531
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 14 Apr 2021 15:24:50 GMT
Connection
keep-alive
Set-Cookie
bm_sv=CED1E183EE0F648D9ACDCC06D1FE7676~KaA9KTrs9jcUUqlJDC0urbGv2hGGk0EbUuLr9jpcGkzMhBl+Ot1U1H/nOddSRTlSNaThFyBVug7BxB3funVHMAJ9dp8l+3hh28KML/lPbCvkNJ0mFeYwSvIJMkjvt2YJM4/GSdrrnxSjnTmOQZxyNiOpHITfVT426D+6RVwGIKg=; Domain=.sunnet.sunlife.com; Path=/; Max-Age=7199; HttpOnly
3cdf94343no22177e2545873cb64b0d
www.sunnet.sunlife.com/clientlibs/ 		17 B
956 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sunnet.sunlife.com/clientlibs/3cdf94343no22177e2545873cb64b0d
Requested by
Host: www.sunnet.sunlife.com
URL: https://www.sunnet.sunlife.com/clientlibs/3cdf94343no22177e2545873cb64b0d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.243.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://www.sunnet.sunlife.com/bcheck.html?redir=/mysunlife/signin/deeplink/mobileweb/PPHP_GBC/PROVIDER_SEARCH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 14 Apr 2021 15:24:50 GMT
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sunnet.sunlife.com, https://www.sunnet.sunlife.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
17
site.css
secure.sunlife.ca/global/publicsite/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.sunlife.ca/global/publicsite/site.css
Requested by
Host: www.sunnet.sunlife.com
URL: https://www.sunnet.sunlife.com/redirector.html?TYPE=33554432&REALMOID=06-7dbcf0bc-4a50-1000-abba-8344b012304d&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-vnzZipTlYFhTbdvwtRD%2bFfcstaT019Aed3AC0x2Ioco%2fHG0NGrSJQ5u9pG29W7sL&TARGET=-SM-HTTPS%3a%2f%2fwww%2esunnet%2esunlife%2ecom%2fmbrportal%2freq%2fsecure%2fpphp%2fpersonalizedWelcome%3flocale%3den_CA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-140.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fc5e7ac78c74978b84662b3cea8ff1c9c54c9be52f04c2eb7914b31b3d88e6b3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sunnet.sunlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 15:24:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Nov 2008 15:29:42 GMT
X-Frame-Options
SAMEORIGIN
ETag
"0b73f511244c91:0"
Vary
Accept-Encoding
P3p
CP="NOI ADM DEV PSAi COM NAV OUR IND"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
1800
CommonFunctions.js
secure.sunlife.ca/global/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.sunlife.ca/global/CommonFunctions.js
Requested by
Host: www.sunnet.sunlife.com
URL: https://www.sunnet.sunlife.com/redirector.html?TYPE=33554432&REALMOID=06-7dbcf0bc-4a50-1000-abba-8344b012304d&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-vnzZipTlYFhTbdvwtRD%2bFfcstaT019Aed3AC0x2Ioco%2fHG0NGrSJQ5u9pG29W7sL&TARGET=-SM-HTTPS%3a%2f%2fwww%2esunnet%2esunlife%2ecom%2fmbrportal%2freq%2fsecure%2fpphp%2fpersonalizedWelcome%3flocale%3den_CA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-140.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
23b529f35718973a88ef3a62951c490cc46539503089f57198882cf73fbafa44
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sunnet.sunlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 15:24:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Dec 2011 15:08:34 GMT
X-Frame-Options
SAMEORIGIN
ETag
"0855068f2bfcc1:0"
Vary
Accept-Encoding
P3p
CP="NOI ADM DEV PSAi COM NAV OUR IND"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
2822
coolmenus4.js
secure.sunlife.ca/sites/include/menu/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.sunlife.ca/sites/include/menu/coolmenus4.js
Requested by
Host: www.sunnet.sunlife.com
URL: https://www.sunnet.sunlife.com/redirector.html?TYPE=33554432&REALMOID=06-7dbcf0bc-4a50-1000-abba-8344b012304d&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-vnzZipTlYFhTbdvwtRD%2bFfcstaT019Aed3AC0x2Ioco%2fHG0NGrSJQ5u9pG29W7sL&TARGET=-SM-HTTPS%3a%2f%2fwww%2esunnet%2esunlife%2ecom%2fmbrportal%2freq%2fsecure%2fpphp%2fpersonalizedWelcome%3flocale%3den_CA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-140.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
92fffd6765759a620e0bbc53b6030140772c43ac456cbc8b93a0f1022ba5fe89
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sunnet.sunlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 15:24:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Feb 2005 13:14:42 GMT
X-Frame-Options
SAMEORIGIN
ETag
"04da6cebb15c51:0"
Vary
Accept-Encoding
P3p
CP="NOI ADM DEV PSAi COM NAV OUR IND"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
8603
MenuStyles.css
secure.sunlife.ca/Brands/Common/ 		1 KB
844 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.sunlife.ca/Brands/Common/MenuStyles.css
Requested by
Host: www.sunnet.sunlife.com
URL: https://www.sunnet.sunlife.com/redirector.html?TYPE=33554432&REALMOID=06-7dbcf0bc-4a50-1000-abba-8344b012304d&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-vnzZipTlYFhTbdvwtRD%2bFfcstaT019Aed3AC0x2Ioco%2fHG0NGrSJQ5u9pG29W7sL&TARGET=-SM-HTTPS%3a%2f%2fwww%2esunnet%2esunlife%2ecom%2fmbrportal%2freq%2fsecure%2fpphp%2fpersonalizedWelcome%3flocale%3den_CA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-140.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d8b30e4df4f021677b786e745b4c09be077e98c0836b29eec8a35f39cbb73289
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sunnet.sunlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 15:24:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Feb 2004 20:46:30 GMT
X-Frame-Options
SAMEORIGIN
ETag
"0d74df75febc31:0"
Vary
Accept-Encoding
P3p
CP="NOI ADM DEV PSAi COM NAV OUR IND"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
505
Sunlife_BL.gif
secure.sunlife.ca/brands/common/E/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.sunlife.ca/brands/common/E/Sunlife_BL.gif
Requested by
Host: www.sunnet.sunlife.com
URL: https://www.sunnet.sunlife.com/redirector.html?TYPE=33554432&REALMOID=06-7dbcf0bc-4a50-1000-abba-8344b012304d&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-vnzZipTlYFhTbdvwtRD%2bFfcstaT019Aed3AC0x2Ioco%2fHG0NGrSJQ5u9pG29W7sL&TARGET=-SM-HTTPS%3a%2f%2fwww%2esunnet%2esunlife%2ecom%2fmbrportal%2freq%2fsecure%2fpphp%2fpersonalizedWelcome%3flocale%3den_CA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-140.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3be7d62fcd74d1ae5d987656ffd92c7780ec81ac96e472e3ffbe1263db09b851
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sunnet.sunlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 15:24:51 GMT
Last-Modified
Tue, 14 Oct 2003 17:40:28 GMT
ETag
"0e8e417a92c31:0"
X-Frame-Options
SAMEORIGIN
P3p
CP="NOI ADM DEV PSAi COM NAV OUR IND"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
1866
Sunlife_BL.gif
secure.sunlife.ca/brands/common/F/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.sunlife.ca/brands/common/F/Sunlife_BL.gif
Requested by
Host: www.sunnet.sunlife.com
URL: https://www.sunnet.sunlife.com/redirector.html?TYPE=33554432&REALMOID=06-7dbcf0bc-4a50-1000-abba-8344b012304d&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-vnzZipTlYFhTbdvwtRD%2bFfcstaT019Aed3AC0x2Ioco%2fHG0NGrSJQ5u9pG29W7sL&TARGET=-SM-HTTPS%3a%2f%2fwww%2esunnet%2esunlife%2ecom%2fmbrportal%2freq%2fsecure%2fpphp%2fpersonalizedWelcome%3flocale%3den_CA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-140.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f8309922a56e39930cf249817e40a92f4be97e0e90441c0c3c9c90946c3281a4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sunnet.sunlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 15:24:51 GMT
Last-Modified
Fri, 28 Nov 2003 17:02:22 GMT
ETag
"0e39463d1b5c31:0"
X-Frame-Options
SAMEORIGIN
P3p
CP="NOI ADM DEV PSAi COM NAV OUR IND"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
2382
dn_bar.gif
secure.sunlife.ca/global/menu/images/ 		53 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.sunlife.ca/global/menu/images/dn_bar.gif
Requested by
Host: www.sunnet.sunlife.com
URL: https://www.sunnet.sunlife.com/redirector.html?TYPE=33554432&REALMOID=06-7dbcf0bc-4a50-1000-abba-8344b012304d&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-vnzZipTlYFhTbdvwtRD%2bFfcstaT019Aed3AC0x2Ioco%2fHG0NGrSJQ5u9pG29W7sL&TARGET=-SM-HTTPS%3a%2f%2fwww%2esunnet%2esunlife%2ecom%2fmbrportal%2freq%2fsecure%2fpphp%2fpersonalizedWelcome%3flocale%3den_CA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-140.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
92fa5b74fda13c60a5745b45e86845df55be3ec12e974e79abebacd9ecaf5e48
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sunnet.sunlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 15:24:51 GMT
Last-Modified
Tue, 14 Oct 2003 18:12:36 GMT
ETag
"082bbbe7e92c31:0"
X-Frame-Options
SAMEORIGIN
P3p
CP="NOI ADM DEV PSAi COM NAV OUR IND"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
53

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| reDo boolean| ready function| LoadImages function| Get_Cookie function| SwapToLang function| GetSpecialDiv function| BrowserGetForm function| getFunctionQualifier function| AnchorLink function| gotoTarget number| INT_SECONDS_UNTIL_TIME_OUT number| CHECK_FOR_PARENT_TIME_OUT undefined| STRING_SIGN_OUT_PAGE number| INT_WINDOW_OFFSET object| timeOfLastActivity object| arrOpenedWindows number| intCurrentWindow boolean| boolWantsTiming undefined| parentUniqueId number| timeoutID number| parentCheckId string| popupLanguage boolean| leaveChildOpen function| timedOut function| checkForParentChange function| startTiming function| resetTimer function| secondsElapsed function| calculateCascadeOffset function| callOpenWindow function| openNamedWin function| openExternalWindow function| openWindow function| closeChildWindows function| closeWindow function| cm_bwcheck object| bw undefined| cmpage function| cm_message function| cm_makeObj function| cm_active function| cm_page function| cm_cp function| cm_makeLevel function| makeCM function| cm_divCreate function| cm_getLayerStr function| cm_checkalign number| cm_inresize function| cm_resized function| setupFormHide

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy font-src 'self' https://www.sunlife.ca https://ssl.gstatic.com https://www.clarica.com https://secure.sunlife.ca https://gateway.zscalerthree.net https://www.google.me *.ca.sunlife *.sunlife.ca *.sunlife.com chrome-extension http://*.sunlife.ca http://fonts.gstatic.com http://themes.googleusercontent.com https://*.sunlife.com https://*.vidyard.com https://api.couponmate.com https://at.alicdn.com https://cdn.adskeeper.co.uk https://cdn.getspeechify.com https://cdn.honey.io https://cdnjs.cloudflare.com https://cloud.typenetwork.com https://connect.facebook.net https://fonts.gstatic.com https://github.com https://maxcdn.bootstrapcdn.com https://netdna.bootstrapcdn.com https://sapling.ai https://static.revechat.com https://static3.avast.com https://use.fontawesome.com https://use.typekit.net https://webfonts.zohostatic.com https://www.clearplay.com https://www.gstatic.com https://www.slant.co ms-appx-web:// ms-appx-web://microsoft.microsoftedge https://cdn.joinhoney.com https://cdn.scite.ai data:; report-uri https://www.sunlife.ca/slfreporting/reportUri/; default-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: about:; report-uri https://www.sunlife.ca/slfreporting/reportUri/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block